Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Drivers' = '%TEMP%\crss.scr'
- '%TEMP%\crss.scr'
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Drivers /t REG_SZ /d %TEMP%\crss.scr /f
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\1.bat"
- %TEMP%\1.bat
- %TEMP%\crss.scr
- 'ft#.#rivehq.com':21
- DNS ASK ft#.#rivehq.com
- ClassName: 'Indicator' WindowName: '(null)'